non si e' aggiunta nessuna cartella in piu' almeno dai collegamenti sul desktop non ne vedo di altri,cmq ti mando il messaggio in inglese
Bleep Bleep!
Admin
PipPipPipPipPipPip
39,491 posts
Gender:Male
Location:USA
Posted 20 June 2011 - 06:14 PM
Unhide.exe is a program that will revert many of the changes on your computer caused by the FakeHDD family of rogue anti-spyware programs. This family of rogues pretends to be a system optimization program that will solve errors with your computer’s hard disks, memory, and performance. It will also display fake alerts stating that your computer has numerous computer issues and prompt you to purchase the program in order to resolve these issues.
Unhide can be downloaded from the following url:
http://www.bleepingcomputer.com/download/unhide/A screen shot of one of the programs in this family is:
Posted Image
As part of the infection process, this family of rogues will change the attributes of all the files on your computer's fixed hard disks so that they are hidden (+H). It will then change your Windows configuration to make it so that you do not see hidden files or hidden system files. By doing this, the rogue attempts to make you think that all of your files have been deleted in the hopes that this will trick you into purchasing the program in order to recover your files.
This infection will also delete shortcuts in various folders on your computer so that you can no longer find them pinned to the taskbar, in the quick launch, or in your Start Menu. When the infection deletes the shortcuts it will store a backup copy of them in the folder %Temp%\smtmp. Using this backup, we can then restore the files to their proper location so you can find them once again under your Start Menu and in other locations. It is very important, though, that if you are infected with this family of infections that you do not delete any of the files in your %Temp% folder and that you do not run any temp file cleaners as they will delete this backup folder. With this folder removed, we will not be able to restore the shortcuts back to their proper location.
Unhide.exe is used to automatically revert these changes on your computer. When run, it will unhide (-H) all +H files on the fixed disks of your computer. It will not, though, unhide any files that also have the +S attribute. Unhide will also automatically detect if the %Temp%\smtmp folder exists, and if it does, it will copy them back to their proper locations for you. If your shortcuts are missing due to this infection and you have already cleaned out your Temp folder, then you can use the scripts at the bottom of this post to restore your default Start Menu.
Unhide will also reset certain Registry settings that this infection changes to hide your shortcuts and start menu items. When Unhide is running, if it detects any changes in these Registry settings it will reset them to the Windows default and display a messaging that it has done so.
When Unhide is complete, it will create a logfile on the Windows Desktop called Unhide.txt.
Registrazione